diff options
author | Matt Caswell <matt@openssl.org> | 2017-01-02 11:40:16 +0000 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2017-01-10 23:02:50 +0000 |
commit | d24c6a34ce4af11cd09aadd6a0f356cb2bd7fa4f (patch) | |
tree | 441d043312c1f4d3a1b73855df1d9a286cda979d /ssl | |
parent | 710eb47fdd01e9955151868b07e135c563bf4b76 (diff) |
Always use TLSv1.0 for record layer version in TLSv1.3
TLSv1.3 freezes the record layer version and ensures that it is always set
to TLSv1.0. Some implementations check this.
Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/2157)
Diffstat (limited to 'ssl')
-rw-r--r-- | ssl/record/rec_layer_s3.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/ssl/record/rec_layer_s3.c b/ssl/record/rec_layer_s3.c index 3ffe29ad00..01e3db26cb 100644 --- a/ssl/record/rec_layer_s3.c +++ b/ssl/record/rec_layer_s3.c @@ -784,7 +784,7 @@ int do_ssl3_write(SSL *s, int type, const unsigned char *buf, /* Clear our SSL3_RECORD structures */ memset(wr, 0, sizeof wr); for (j = 0; j < numpipes; j++) { - unsigned int version = s->version; + unsigned int version = SSL_IS_TLS13(s) ? TLS1_VERSION : s->version; unsigned char *compressdata = NULL; size_t maxcomplen; unsigned int rectype; |